05839e36aaab35d6d4b0d5e39f888801642d7499
690 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Benjamin Admin
|
7c7513525e |
feat: Document-centric scan results + DSI deduplication
DSI Dedup (consent-tester): - Only H1/H2 headings count as documents (not H3/H4 sub-sections) - Sub-sections (Cookies, Betroffenenrechte, Social Media) are part of parent document's full text, not separate documents - Reduces IHK result from 30 to ~11 real documents Backend (agent_scan_routes): - ScanFinding gets doc_title field linking each finding to its document - doc_title set when creating DSI findings for document attribution Frontend (ScanResult.tsx): - 3 sections: Services table, Document cards, General findings - Documents: expandable cards with completeness bar (green/yellow/red) - Findings grouped under their parent document - Each card shows: title, word count, findings count, % completeness - Findings without doc_title go to "Allgemeine Findings" section Email Summary (agent_scan_helpers): - Findings listed under their parent document - General findings in separate section - No more flat mixed list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
d816cf8d3a |
fix: missing closing brace in GetBuiltinHazardPatterns()
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
8dd1581fae |
feat: IACE SIL/PL calculator + Cobot patterns + library extensions
SIL/PL Calculator: Deterministic S×E×P → PL (a-e) → SIL (1-3) mapping Cobot Patterns (HP059-HP065): Human-robot collision, afterrun, misprogramming Press Patterns split into separate file (500-line guardrail) 5 new components (C136-C140), 5 new tags, 18 keyword entries Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
ea8353f1a0 |
fix: Scan progress display — separate progress state, guard ScanResult render
- scanProgress state tracks live progress (not mixed into scanData) - ScanResult only renders when scanData.services exists (prevents crash) - Purple progress bar with spinner shows current step during scan - Fixes: TypeError 's.services.filter' when progress data set as scanData Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
d80cb9c8e4 |
feat: IACE Interview Frontend — 3 Modi (Interview/Wizard/Formular)
CE-Risikobeurteilung Datenerfassung mit 3 wählbaren Eingabe-Modi: 1. Interview-Modus (Chat-artig): Fragen werden nacheinander gestellt wie im Kundengespräch. Antwort-Historie sichtbar. 2. Wizard-Modus: Schritt-für-Schritt durch 8 Sektionen. 3. Formular-Modus: Alle Sektionen als Accordion auf einer Seite. 20 strukturierte Fragen in 8 Abschnitten: - Maschinenbeschreibung (Name, Typ, Baugruppen) - Lebensphasen (Betrieb, Einrichten, Wartung) - Bestimmungsgemäße Verwendung - Vorhersehbare Fehlanwendung - Qualifikation der Benutzer - Räumliche/Zeitliche Grenzen - Technische Daten (Kräfte, Spannungen, Temperaturen, Drehzahlen) - Umgebungsbedingungen answersToNarrativeText() konvertiert alle Antworten in den Freitext der an POST /parse-narrative gesendet wird. Ergebnis-Panel zeigt: Komponenten, Gefahren, Patterns, Energiequellen. URL: /sdk/iace/[projectId]/interview Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
cb607bf228 |
feat: Async scan with polling — no more timeout issues
Fundamental fix: scans now run asynchronously with progress polling.
Backend:
- POST /scan starts background task, returns scan_id immediately
- GET /scan/{scan_id} returns status + progress + result when done
- 7 progress steps shown: Website scan, DSI discovery, DSE analysis,
SOLL/IST comparison, corrections, report, email
- In-memory job store (dict with scan_id → status/result)
- No timeout limits on scan duration
Frontend:
- POST starts scan, receives scan_id
- Polls GET every 5 seconds (max 120 attempts = 10 min)
- Shows live progress message during scan
- Displays result when completed, error when failed
Proxy:
- POST timeout reduced to 30s (just starts the job)
- GET timeout 10s (just status check)
- No more 504/connection-dropped errors
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
d7b287889e |
fix: IACE parser handler — use MatchOutput.SuggestedHazards instead of MatchedPatterns fields
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
d4b7943d54 |
feat: IACE deterministic narrative parser + library extensions
Library Extensions: - 15 new components (C121-C135): knee lever, hydraulic ram, lubrication system, extraction system, vibrating plate, die tooling, transfer system, hoist, chute, oil drip tray, pressure relief valve, die space, flywheel, bin changeover station, inspection scale - 8 new tags: person_under_load, two_hand_control_required, thermal_accumulation, mechanical_transmission, oil_mist_risk, rapid_energy_release, gravity_suspended_load, bypass_risk - 14 new patterns (HP045-HP058): ram drop, die space crushing, oil mist inhalation, hot workpiece burns, suspended load, transfer draw-in, ejection fall, accumulator pressure release, impact noise, flywheel residual energy, guard bypass, two-hand misoperation, oil leakage, ergonomic bin changeover Deterministic Parser (NO LLM): - keyword_dictionary.go: ~100 entries mapping DE/EN keywords to component IDs, energy source IDs, and tags - narrative_parser.go: ParseNarrative() extracts components, energy sources, lifecycle phases, roles, tech specs, and context tags from free-text machine descriptions via keyword matching + regex - Tech spec regex: extracts kN, V, °C, bar, kW, rpm values and derives energy sources + severity tags automatically - iace_handler_parser.go: POST /projects/:id/parse-narrative endpoint chains parser → pattern engine → hazard suggestions Test: Paste Kniehebelpresse description → should detect 10+ components, 15+ hazards, all deterministically without LLM. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
47ec792acf |
fix: raise scan proxy timeout from 3 to 10 min (50 pages + 20 DSI docs + LLM)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
f3e44cf59f |
fix: restore all missing consent-tester service modules
banner_detector.py, script_analyzer.py, category_tester.py, authenticated_scanner.py were only on the feature branch — needed for consent-tester to start. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
3fade26d89 |
fix: restore consent-tester requirements.txt
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
797ed667a2 |
fix: restore consent-tester Dockerfile (was lost from main)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
a3f7fb93f4 |
fix: Scan quality — raise page limit, use full DSI text for checks
Bug 1: max_pages was hardcoded to 15 in backend call — raised to 50
Bug 2: DSI documents checked against text_preview (500 chars) — now uses
full_text (10,000 chars) for Art. 13 mandatory field checks
Bug 3: DSE text not found when Playwright misses DSE page — now falls
back to DSI Discovery full_text as second source
Bug 4: Backend timeout 120s too short for 50 pages — raised to 300s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
f967480cd9 |
fix: Add missing service_registry.py to main
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
275bdf9848 |
fix: Add missing service modules required by agent_scan_routes
Build + Deploy / build-admin-compliance (push) Successful in 1m49s
Build + Deploy / build-backend-compliance (push) Successful in 2m57s
Build + Deploy / build-ai-sdk (push) Successful in 50s
Build + Deploy / build-developer-portal (push) Successful in 1m2s
Build + Deploy / build-tts (push) Successful in 1m23s
Build + Deploy / build-document-crawler (push) Successful in 39s
Build + Deploy / build-dsms-gateway (push) Successful in 23s
Build + Deploy / build-dsms-node (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 21s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m31s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Failing after 41s
CI / test-python-backend (push) Successful in 40s
CI / test-python-document-crawler (push) Successful in 25s
CI / test-python-dsms-gateway (push) Successful in 20s
CI / validate-canonical-controls (push) Successful in 13s
Build + Deploy / trigger-orca (push) Successful in 2m46s
These files existed on the feature branch but were never cherry-picked to main, causing ModuleNotFoundError on import: - dse_parser.py — parses DSE HTML into structured sections - dse_matcher.py — matches detected services against DSE sections - mandatory_content_checker.py — checks Art. 13 DSGVO mandatory fields - legal_basis_validator.py — validates legal basis (lit. a-f) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
a18ef16378 |
fix: Add missing service modules required by agent_scan_routes
These files existed on the feature branch but were never cherry-picked to main, causing ModuleNotFoundError on import: - dse_parser.py — parses DSE HTML into structured sections - dse_matcher.py — matches detected services against DSE sections - mandatory_content_checker.py — checks Art. 13 DSGVO mandatory fields - legal_basis_validator.py — validates legal basis (lit. a-f) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
5c0ca803b0 |
fix: Add missing 'import re' to agent_scan_routes.py
Build + Deploy / build-admin-compliance (push) Successful in 11s
Build + Deploy / build-backend-compliance (push) Successful in 9s
Build + Deploy / build-ai-sdk (push) Successful in 7s
Build + Deploy / build-developer-portal (push) Successful in 6s
Build + Deploy / build-tts (push) Successful in 7s
Build + Deploy / build-document-crawler (push) Successful in 7s
Build + Deploy / build-dsms-gateway (push) Successful in 7s
Build + Deploy / build-dsms-node (push) Successful in 9s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m35s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 46s
CI / test-python-backend (push) Successful in 43s
CI / test-python-document-crawler (push) Successful in 31s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 16s
Build + Deploy / trigger-orca (push) Successful in 2m20s
NameError: name 're' is not defined at line 146 — the import was accidentally removed when extracting helper functions to agent_scan_helpers.py. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
f960bd052a |
fix: Add missing 'import re' to agent_scan_routes.py
NameError: name 're' is not defined at line 146 — the import was accidentally removed when extracting helper functions to agent_scan_helpers.py. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
b22351fc6e |
fix: Exhaustive crawl — no arbitrary page/document limits
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 14s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m37s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 38s
CI / test-python-backend (push) Successful in 36s
CI / test-python-document-crawler (push) Successful in 24s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 15s
Both scanners now search until done, not until a counter runs out: playwright_scanner.py: - Default max_pages raised from 15 to 50 - Added 3-minute timeout as safety net - Recursive link discovery on EVERY visited page (not just DSE pages) - Stops when: all links visited OR max_pages OR timeout dsi_discovery.py: - Default max_documents raised from 30 to 100 - Added 5-minute timeout as safety net - Recursive: on each visited page, searches for MORE DSI links - Processes ALL discovered links exhaustively - Stops when: no more pending links OR max_documents OR timeout The scanners now behave like a real user: they follow every relevant link they find, and on each new page they look for more links. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
a846bd8910 |
fix: Exhaustive crawl — no arbitrary page/document limits
Both scanners now search until done, not until a counter runs out: playwright_scanner.py: - Default max_pages raised from 15 to 50 - Added 3-minute timeout as safety net - Recursive link discovery on EVERY visited page (not just DSE pages) - Stops when: all links visited OR max_pages OR timeout dsi_discovery.py: - Default max_documents raised from 30 to 100 - Added 5-minute timeout as safety net - Recursive: on each visited page, searches for MORE DSI links - Processes ALL discovered links exhaustively - Stops when: no more pending links OR max_documents OR timeout The scanners now behave like a real user: they follow every relevant link they find, and on each new page they look for more links. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
a970c28168 |
feat: DSI document discovery + completeness check in agent scan workflow
Build + Deploy / build-admin-compliance (push) Successful in 1m49s
Build + Deploy / build-backend-compliance (push) Successful in 2m52s
Build + Deploy / build-ai-sdk (push) Successful in 38s
Build + Deploy / build-developer-portal (push) Successful in 1m3s
Build + Deploy / build-tts (push) Successful in 1m27s
Build + Deploy / build-document-crawler (push) Successful in 33s
Build + Deploy / build-dsms-gateway (push) Successful in 22s
Build + Deploy / build-dsms-node (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 13s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m33s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 44s
CI / test-python-backend (push) Successful in 41s
CI / test-python-document-crawler (push) Successful in 1m3s
CI / test-python-dsms-gateway (push) Successful in 29s
CI / validate-canonical-controls (push) Successful in 19s
Build + Deploy / trigger-orca (push) Successful in 2m58s
Agent scan now automatically:
1. Discovers all legal documents via consent-tester /dsi-discovery endpoint
2. Classifies each as DSE/AGB/Widerruf/Cookie/Impressum
3. Checks completeness against type-specific checklists:
- DSE: 9 Art. 13 DSGVO mandatory fields (controller, DPO, purposes,
legal basis, recipients, third-country, retention, rights, complaint)
- AGB: §305ff BGB (scope, contract formation, liability, jurisdiction)
- Widerruf: §355 BGB (right info, 14-day deadline, form, consequences)
4. Adds findings per document to scan results
5. Shows discovered documents with completeness % in email summary
6. Returns discovered_documents list in API response
New files:
- dsi_document_checker.py (229 LOC) — checklists + classifier
- agent_scan_helpers.py (109 LOC) — extracted summary builder + corrections
Refactor: agent_scan_routes.py 537→448 LOC (under 500 budget)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
48146cddaf |
feat: DSI document discovery + completeness check in agent scan workflow
Agent scan now automatically:
1. Discovers all legal documents via consent-tester /dsi-discovery endpoint
2. Classifies each as DSE/AGB/Widerruf/Cookie/Impressum
3. Checks completeness against type-specific checklists:
- DSE: 9 Art. 13 DSGVO mandatory fields (controller, DPO, purposes,
legal basis, recipients, third-country, retention, rights, complaint)
- AGB: §305ff BGB (scope, contract formation, liability, jurisdiction)
- Widerruf: §355 BGB (right info, 14-day deadline, form, consequences)
4. Adds findings per document to scan results
5. Shows discovered documents with completeness % in email summary
6. Returns discovered_documents list in API response
New files:
- dsi_document_checker.py (229 LOC) — checklists + classifier
- agent_scan_helpers.py (109 LOC) — extracted summary builder + corrections
Refactor: agent_scan_routes.py 537→448 LOC (under 500 budget)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
298c95731a |
feat: Generic legal document discovery (DSI, AGB, Widerruf, Cookie-Richtlinie)
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 22s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m35s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 52s
CI / test-python-backend (push) Successful in 42s
CI / test-python-document-crawler (push) Successful in 29s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 14s
New service: dsi_discovery.py — finds ALL legal documents on any website:
- Technology-agnostic: HTML, SPA, WordPress, Typo3, custom CMS
- Structure-agnostic: accordions, sidebars, footers, inline links, tabs
- Format-agnostic: HTML pages, anchor sections, PDFs, cross-domain links
- Language-agnostic: 26 EU/EEA languages with document-type keywords
Document types discovered:
- Datenschutzinformationen / Privacy Policies (Art. 13/14 DSGVO)
- AGB / Terms of Service / Nutzungsbedingungen
- Widerrufsbelehrung / Right of Withdrawal (§355 BGB)
- Cookie-Richtlinie / Cookie Policy
- All cross-domain variants (e.g. help.instagram.com from instagram.com)
API: POST /dsi-discovery { url, max_documents }
Returns: list of documents with title, url, language, type, word_count, text_preview
Features:
- Expands all accordions, details, tabs, dropdowns before scanning
- Follows cross-domain links (same registrable domain)
- Re-expands after navigation back to source page
- Handles anchor links (#sections) separately from full pages
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
4e63a6050d |
feat: Generic legal document discovery (DSI, AGB, Widerruf, Cookie-Richtlinie)
New service: dsi_discovery.py — finds ALL legal documents on any website:
- Technology-agnostic: HTML, SPA, WordPress, Typo3, custom CMS
- Structure-agnostic: accordions, sidebars, footers, inline links, tabs
- Format-agnostic: HTML pages, anchor sections, PDFs, cross-domain links
- Language-agnostic: 26 EU/EEA languages with document-type keywords
Document types discovered:
- Datenschutzinformationen / Privacy Policies (Art. 13/14 DSGVO)
- AGB / Terms of Service / Nutzungsbedingungen
- Widerrufsbelehrung / Right of Withdrawal (§355 BGB)
- Cookie-Richtlinie / Cookie Policy
- All cross-domain variants (e.g. help.instagram.com from instagram.com)
API: POST /dsi-discovery { url, max_documents }
Returns: list of documents with title, url, language, type, word_count, text_preview
Features:
- Expands all accordions, details, tabs, dropdowns before scanning
- Follows cross-domain links (same registrable domain)
- Re-expands after navigation back to source page
- Handles anchor links (#sections) separately from full pages
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
9395a0084a |
feat: Legally vetted cookie banner translations for 22 EU/EEA languages
Build + Deploy / build-admin-compliance (push) Successful in 2m6s
Build + Deploy / build-backend-compliance (push) Successful in 3m13s
Build + Deploy / build-ai-sdk (push) Successful in 56s
Build + Deploy / build-developer-portal (push) Successful in 1m13s
Build + Deploy / build-tts (push) Successful in 1m25s
Build + Deploy / build-document-crawler (push) Successful in 42s
Build + Deploy / build-dsms-gateway (push) Successful in 28s
Build + Deploy / build-dsms-node (push) Successful in 12s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 19s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m44s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 40s
CI / test-python-backend (push) Successful in 41s
CI / test-python-document-crawler (push) Successful in 30s
CI / test-python-dsms-gateway (push) Successful in 22s
CI / validate-canonical-controls (push) Successful in 15s
Build + Deploy / trigger-orca (push) Successful in 3m6s
22 languages: BG, CS, DA, DE, EL, EN, ES, ET, FI, FR, HR, HU, IT, LT, LV, NL, PL, PT, RO, SK, SL, SV Each language includes 20 fields: - Banner title, description, accept/reject/save buttons - Privacy notice: "zur Kenntnis genommen" pattern (NOT "zugestimmt") - Terms: "gelesen und stimme zu" pattern (contract = agreement correct) - EWR-only toggle label + info text - 4 category names + descriptions - Vendor/blocked labels, imprint + privacy policy links Legal precision: - DSE = Informationspflicht Art. 13 DSGVO → "acknowledged/zur Kenntnis" - Nutzungsbedingungen = Vertrag → "agree/zustimmen" is correct - No passive consent formulations - No coupling patterns Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
74dddbfa0f |
feat: Legally vetted cookie banner translations for 22 EU/EEA languages
22 languages: BG, CS, DA, DE, EL, EN, ES, ET, FI, FR, HR, HU, IT, LT, LV, NL, PL, PT, RO, SK, SL, SV Each language includes 20 fields: - Banner title, description, accept/reject/save buttons - Privacy notice: "zur Kenntnis genommen" pattern (NOT "zugestimmt") - Terms: "gelesen und stimme zu" pattern (contract = agreement correct) - EWR-only toggle label + info text - 4 category names + descriptions - Vendor/blocked labels, imprint + privacy policy links Legal precision: - DSE = Informationspflicht Art. 13 DSGVO → "acknowledged/zur Kenntnis" - Nutzungsbedingungen = Vertrag → "agree/zustimmen" is correct - No passive consent formulations - No coupling patterns Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
129849aa21 |
feat: 9 new banner checks (12-20), total 20 compliance checks
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m38s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 45s
CI / test-python-backend (push) Successful in 52s
CI / test-python-document-crawler (push) Successful in 30s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 13s
Check 12: Click count — reject requires more clicks than accept (CNIL 150M EUR) Check 13: Color contrast — reject button invisible (same bg as banner) Check 14: Google Consent Mode — analytics_storage 'granted' as default Check 15: Pre-consent cookies — tracking cookies set before any interaction Check 16: Registration coupling — login button = consent (Art. 7(4) DSGVO) Check 17: Language mismatch — banner vs page language (all 26 EU languages) Check 18: Consent cookie expiry — >13 months violates CNIL guidelines Check 19: Nudging — reject button below fold / requires scrolling Check 20: Emotional language (Stirring) — "volle Funktionalitaet" etc. Language detection covers: BG, CS, DA, DE, EL, EN, ES, ET, FI, FR, GA, HR, HU, IS, IT, LT, LV, MT, NL, NO, PL, PT, RO, SK, SL, SV New file: banner_advanced_checks.py (396 LOC) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
b997b4a475 |
feat: 9 new banner checks (12-20), total 20 compliance checks
Check 12: Click count — reject requires more clicks than accept (CNIL 150M EUR) Check 13: Color contrast — reject button invisible (same bg as banner) Check 14: Google Consent Mode — analytics_storage 'granted' as default Check 15: Pre-consent cookies — tracking cookies set before any interaction Check 16: Registration coupling — login button = consent (Art. 7(4) DSGVO) Check 17: Language mismatch — banner vs page language (all 26 EU languages) Check 18: Consent cookie expiry — >13 months violates CNIL guidelines Check 19: Nudging — reject button below fold / requires scrolling Check 20: Emotional language (Stirring) — "volle Funktionalitaet" etc. Language detection covers: BG, CS, DA, DE, EL, EN, ES, ET, FI, FR, GA, HR, HU, IS, IT, LT, LV, MT, NL, NO, PL, PT, RO, SK, SL, SV New file: banner_advanced_checks.py (396 LOC) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
7fc43a3f1f |
feat: 3 new banner legal checks (11 total) + extract banner_text_checker
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 18s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m32s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 46s
CI / test-python-backend (push) Successful in 40s
CI / test-python-document-crawler (push) Successful in 25s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 14s
New checks (from EUIPO reference case): - Check 9: Third-party DSE link — detects when consent dialog links to external domain's privacy policy instead of own DSE (Art. 13 DSGVO) - Check 10: Dark-pattern language — detects "muessen/erforderlich" for non-essential cookies suggesting false technical necessity (EDPB Rn. 70) - Check 11: Non-modal dismiss = consent — detects when clicking outside dialog closes it (possibly treating as consent, Planet49 violation) Refactor: extracted _check_banner_text (375 LOC) from consent_scanner.py into services/banner_text_checker.py to keep both files under 500 LOC. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
5d138f265b |
feat: 3 new banner legal checks (11 total) + extract banner_text_checker
New checks (from EUIPO reference case): - Check 9: Third-party DSE link — detects when consent dialog links to external domain's privacy policy instead of own DSE (Art. 13 DSGVO) - Check 10: Dark-pattern language — detects "muessen/erforderlich" for non-essential cookies suggesting false technical necessity (EDPB Rn. 70) - Check 11: Non-modal dismiss = consent — detects when clicking outside dialog closes it (possibly treating as consent, Planet49 violation) Refactor: extracted _check_banner_text (375 LOC) from consent_scanner.py into services/banner_text_checker.py to keep both files under 500 LOC. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
0b7e14f202 |
feat: Add IAM system knowledge + CMP FAQ to Compliance Advisor soul
Build + Deploy / build-admin-compliance (push) Successful in 2m0s
Build + Deploy / build-backend-compliance (push) Successful in 2m56s
Build + Deploy / build-ai-sdk (push) Successful in 43s
Build + Deploy / build-developer-portal (push) Successful in 1m1s
Build + Deploy / build-tts (push) Successful in 1m14s
Build + Deploy / build-document-crawler (push) Successful in 32s
Build + Deploy / build-dsms-gateway (push) Successful in 20s
Build + Deploy / build-dsms-node (push) Successful in 9s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m31s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 40s
CI / test-python-backend (push) Successful in 36s
CI / test-python-document-crawler (push) Successful in 26s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 13s
Build + Deploy / trigger-orca (push) Successful in 3m15s
New FAQ sections the advisor can answer: - "Was ist WSO2 Identity Server?" — explains systemic GDPR template problem - "Welche IAM-Systeme haben aehnliche Probleme?" — WSO2, Keycloak, Azure AD B2C, Auth0, Cognito, ForgeRock comparison table - "Was ist das Koppelungsverbot?" — Art. 7(4) DSGVO with practical examples - CMP product knowledge — all 9 modules, EWR-Only feature explanation Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
2fb417c784 |
feat: Add IAM system knowledge + CMP FAQ to Compliance Advisor soul
New FAQ sections the advisor can answer: - "Was ist WSO2 Identity Server?" — explains systemic GDPR template problem - "Welche IAM-Systeme haben aehnliche Probleme?" — WSO2, Keycloak, Azure AD B2C, Auth0, Cognito, ForgeRock comparison table - "Was ist das Koppelungsverbot?" — Art. 7(4) DSGVO with practical examples - CMP product knowledge — all 9 modules, EWR-Only feature explanation Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
15a1879803 |
fix: Cookie banner closeable + sidebar accessible while banner is open
Build + Deploy / build-admin-compliance (push) Successful in 1m33s
Build + Deploy / build-backend-compliance (push) Successful in 7s
Build + Deploy / build-ai-sdk (push) Successful in 8s
Build + Deploy / build-developer-portal (push) Successful in 6s
Build + Deploy / build-tts (push) Successful in 6s
Build + Deploy / build-document-crawler (push) Successful in 7s
Build + Deploy / build-dsms-gateway (push) Successful in 6s
Build + Deploy / build-dsms-node (push) Successful in 7s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 12s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m40s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 43s
CI / test-python-backend (push) Successful in 37s
CI / test-python-document-crawler (push) Successful in 26s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 15s
Build + Deploy / trigger-orca (push) Successful in 2m12s
- X button to close banner (SDK admin context only) - Overlay leaves sidebar area accessible (ml-16/ml-64) - Click overlay backdrop to dismiss - Preview page: close banner on API error (don't trap user) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
a1272390ff |
fix: Cookie banner closeable + sidebar accessible while banner is open
- X button to close banner (SDK admin context only) - Overlay leaves sidebar area accessible (ml-16/ml-64) - Click overlay backdrop to dismiss - Preview page: close banner on API error (don't trap user) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
e8b5c90a49 |
fix: Route all banner API calls through Next.js proxy (SSL cert fix)
Build + Deploy / build-admin-compliance (push) Successful in 2m6s
Build + Deploy / build-backend-compliance (push) Successful in 2m58s
Build + Deploy / build-ai-sdk (push) Successful in 8s
Build + Deploy / build-developer-portal (push) Successful in 7s
Build + Deploy / build-tts (push) Successful in 7s
Build + Deploy / build-document-crawler (push) Successful in 7s
Build + Deploy / build-dsms-gateway (push) Successful in 7s
Build + Deploy / build-dsms-node (push) Successful in 7s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 14s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m30s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 37s
CI / test-python-backend (push) Successful in 36s
CI / test-python-document-crawler (push) Successful in 26s
CI / test-python-dsms-gateway (push) Successful in 23s
CI / validate-canonical-controls (push) Successful in 14s
Build + Deploy / trigger-orca (push) Successful in 2m11s
Browser blocks direct calls to backend-compliance:8093 due to self-signed SSL certificate. All banner API calls now go through Next.js API proxy at /api/sdk/v1/banner/* which runs server-side. - New catch-all proxy: /api/sdk/v1/banner/[[...path]]/route.ts Maps to backend-compliance:8002/api/compliance/banner/* - Preview page: uses /api/sdk/v1/banner/ instead of https://macmini:8093 - CMP Dashboard: uses proxy for banner stats + compliance proxy for DSR/einwilligungen - Fixes: banner not closeable due to API errors, consent not saving Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
6af35dbf5f |
fix: Route all banner API calls through Next.js proxy (SSL cert fix)
Browser blocks direct calls to backend-compliance:8093 due to self-signed SSL certificate. All banner API calls now go through Next.js API proxy at /api/sdk/v1/banner/* which runs server-side. - New catch-all proxy: /api/sdk/v1/banner/[[...path]]/route.ts Maps to backend-compliance:8002/api/compliance/banner/* - Preview page: uses /api/sdk/v1/banner/ instead of https://macmini:8093 - CMP Dashboard: uses proxy for banner stats + compliance proxy for DSR/einwilligungen - Fixes: banner not closeable due to API errors, consent not saving Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
bb2ebd03cd |
feat: CMP Dashboard — aggregated consent, DSR, and compliance overview
Build + Deploy / build-admin-compliance (push) Successful in 2m2s
Build + Deploy / build-backend-compliance (push) Successful in 3m0s
Build + Deploy / build-ai-sdk (push) Successful in 50s
Build + Deploy / build-developer-portal (push) Successful in 1m11s
Build + Deploy / build-tts (push) Successful in 1m34s
Build + Deploy / build-document-crawler (push) Successful in 34s
Build + Deploy / build-dsms-gateway (push) Successful in 23s
Build + Deploy / build-dsms-node (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 16s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m47s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 42s
CI / test-python-backend (push) Successful in 40s
CI / test-python-document-crawler (push) Successful in 29s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 15s
Build + Deploy / trigger-orca (push) Successful in 3m58s
- New route /sdk/cmp with full CMP dashboard - 4 KPI cards: total consents, active consents, open DSR requests, configured sites - Cookie category acceptance bars (necessary/statistics/marketing/functional) - DSR breakdown: by status, by type (Art. 15-21), avg processing time, overdue count - 9-point compliance checklist (banner, DSE, impressum, Art.7 proof, DSR, loeschfristen, vendor AVV, email templates, EWR-only mode) — each links to relevant module - 8 module cards with icons linking to all CMP sub-modules - Real API integration: /banner/admin/stats, /einwilligungen/consents/stats, /dsr/stats - Dashboard link added as first entry in CMP sidebar section Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
4834e8ad5c |
feat: CMP Dashboard — aggregated consent, DSR, and compliance overview
- New route /sdk/cmp with full CMP dashboard - 4 KPI cards: total consents, active consents, open DSR requests, configured sites - Cookie category acceptance bars (necessary/statistics/marketing/functional) - DSR breakdown: by status, by type (Art. 15-21), avg processing time, overdue count - 9-point compliance checklist (banner, DSE, impressum, Art.7 proof, DSR, loeschfristen, vendor AVV, email templates, EWR-only mode) — each links to relevant module - 8 module cards with icons linking to all CMP sub-modules - Real API integration: /banner/admin/stats, /einwilligungen/consents/stats, /dsr/stats - Dashboard link added as first entry in CMP sidebar section Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
3bf0804af6 |
feat: CMP sidebar section + cookie banner live preview page
Build + Deploy / build-admin-compliance (push) Successful in 1m55s
Build + Deploy / build-backend-compliance (push) Successful in 2m57s
Build + Deploy / build-ai-sdk (push) Successful in 36s
Build + Deploy / build-developer-portal (push) Successful in 1m8s
Build + Deploy / build-tts (push) Successful in 1m17s
Build + Deploy / build-document-crawler (push) Successful in 35s
Build + Deploy / build-dsms-gateway (push) Successful in 21s
Build + Deploy / build-dsms-node (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m37s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 47s
CI / test-python-backend (push) Successful in 39s
CI / test-python-document-crawler (push) Successful in 25s
CI / test-python-dsms-gateway (push) Successful in 20s
CI / validate-canonical-controls (push) Successful in 14s
Build + Deploy / trigger-orca (push) Successful in 2m10s
CMP Section in Sidebar: - New "CMP" group with purple accent, above other module sections - Links: Cookie-Banner, Live-Vorschau, Consent-Records, Consent-Verwaltung, Vendor-Compliance, DSR Portal, Loeschfristen, E-Mail-Templates Live Preview (/sdk/cookie-banner/preview): - Simulated "MusterShop GmbH" website with full cookie banner - Real API calls to POST /banner/consent (saves to DB) - EWR-Only toggle functional in preview - API Debug panel shows fingerprint, consent status, blocked vendors - Response JSON viewer for API debugging - Links to verify in Consent-Verwaltung, Consent-Records, DSR Portal - "Consent zuruecksetzen" button to re-test - Footer "Cookie-Einstellungen" link to reopen banner Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
89ff62e534 |
feat: CMP sidebar section + cookie banner live preview page
CMP Section in Sidebar: - New "CMP" group with purple accent, above other module sections - Links: Cookie-Banner, Live-Vorschau, Consent-Records, Consent-Verwaltung, Vendor-Compliance, DSR Portal, Loeschfristen, E-Mail-Templates Live Preview (/sdk/cookie-banner/preview): - Simulated "MusterShop GmbH" website with full cookie banner - Real API calls to POST /banner/consent (saves to DB) - EWR-Only toggle functional in preview - API Debug panel shows fingerprint, consent status, blocked vendors - Response JSON viewer for API debugging - Links to verify in Consent-Verwaltung, Consent-Records, DSR Portal - "Consent zuruecksetzen" button to re-test - Footer "Cookie-Einstellungen" link to reopen banner Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
11ca113318 |
cleanup: Remove duplicate cookie-banner route, redirect to /sdk/cookie-banner
Build + Deploy / build-admin-compliance (push) Successful in 1m44s
Build + Deploy / build-backend-compliance (push) Successful in 3m7s
Build + Deploy / build-ai-sdk (push) Successful in 47s
Build + Deploy / build-developer-portal (push) Successful in 1m8s
Build + Deploy / build-tts (push) Successful in 1m18s
Build + Deploy / build-document-crawler (push) Successful in 34s
Build + Deploy / build-dsms-gateway (push) Successful in 20s
Build + Deploy / build-dsms-node (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m42s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 48s
CI / test-python-backend (push) Successful in 39s
CI / test-python-document-crawler (push) Successful in 25s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 14s
Build + Deploy / trigger-orca (push) Successful in 2m49s
- Deleted 6 unused components from /sdk/einwilligungen/cookie-banner/_components/ - Replaced page.tsx with Next.js redirect() to /sdk/cookie-banner - Updated EinwilligungenNavTabs link to /sdk/cookie-banner - Updated catalog page link to /sdk/cookie-banner - Single source of truth: /sdk/cookie-banner (Step in "Rechtliche Texte") Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
340fd27a1a |
cleanup: Remove duplicate cookie-banner route, redirect to /sdk/cookie-banner
- Deleted 6 unused components from /sdk/einwilligungen/cookie-banner/_components/ - Replaced page.tsx with Next.js redirect() to /sdk/cookie-banner - Updated EinwilligungenNavTabs link to /sdk/cookie-banner - Updated catalog page link to /sdk/cookie-banner - Single source of truth: /sdk/cookie-banner (Step in "Rechtliche Texte") Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
e7f5bb1c33 |
fix: Cookie banner links — DSE to privacy-policy, Impressum to document-generator
Build + Deploy / build-admin-compliance (push) Successful in 2m4s
Build + Deploy / build-backend-compliance (push) Successful in 3m9s
Build + Deploy / build-ai-sdk (push) Successful in 44s
Build + Deploy / build-developer-portal (push) Successful in 1m4s
Build + Deploy / build-tts (push) Successful in 1m21s
Build + Deploy / build-document-crawler (push) Successful in 32s
Build + Deploy / build-dsms-gateway (push) Successful in 23s
Build + Deploy / build-dsms-node (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m39s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 42s
CI / test-python-backend (push) Successful in 41s
CI / test-python-document-crawler (push) Successful in 25s
CI / test-python-dsms-gateway (push) Successful in 20s
CI / validate-canonical-controls (push) Successful in 13s
Build + Deploy / trigger-orca (push) Successful in 4m45s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
4a8565f5b0 |
fix: Cookie banner links — DSE to privacy-policy, Impressum to document-generator
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
61c3f8fd4a |
refactor: Cookie banner — categories always visible (CNIL/DSK compliant)
Build + Deploy / build-admin-compliance (push) Successful in 1m57s
Build + Deploy / build-backend-compliance (push) Successful in 8s
Build + Deploy / build-ai-sdk (push) Successful in 8s
Build + Deploy / build-developer-portal (push) Successful in 8s
Build + Deploy / build-tts (push) Successful in 7s
Build + Deploy / build-document-crawler (push) Successful in 7s
Build + Deploy / build-dsms-gateway (push) Successful in 7s
Build + Deploy / build-dsms-node (push) Successful in 8s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 18s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 3m10s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 42s
CI / test-python-backend (push) Successful in 42s
CI / test-python-document-crawler (push) Successful in 30s
CI / test-python-dsms-gateway (push) Successful in 28s
CI / validate-canonical-controls (push) Successful in 15s
Build + Deploy / trigger-orca (push) Successful in 2m16s
- All 4 categories with toggles visible on first layer (no "Einstellungen" step) - Removed showSettings state — single-view banner - EWR toggle + info button in header, always visible - Two equal-weight buttons: "Alle akzeptieren" + "Auswahl speichern" - "Nur notwendige" as text link below (not hidden, but less prominent) - Vendor tables expandable per category via chevron - DSK OH Telemedien 2022 + CNIL 2020 compliant layout Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
199f7835a7 |
refactor: Cookie banner — categories always visible (CNIL/DSK compliant)
- All 4 categories with toggles visible on first layer (no "Einstellungen" step) - Removed showSettings state — single-view banner - EWR toggle + info button in header, always visible - Two equal-weight buttons: "Alle akzeptieren" + "Auswahl speichern" - "Nur notwendige" as text link below (not hidden, but less prominent) - Vendor tables expandable per category via chevron - DSK OH Telemedien 2022 + CNIL 2020 compliant layout Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
9510ce0ff9 |
fix: Move EWR toggle to banner header with info button
Build + Deploy / build-admin-compliance (push) Successful in 2m9s
Build + Deploy / build-backend-compliance (push) Successful in 8s
Build + Deploy / build-ai-sdk (push) Successful in 8s
Build + Deploy / build-developer-portal (push) Successful in 7s
Build + Deploy / build-tts (push) Successful in 11s
Build + Deploy / build-document-crawler (push) Successful in 7s
Build + Deploy / build-dsms-gateway (push) Successful in 7s
Build + Deploy / build-dsms-node (push) Successful in 13s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 15s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 3m9s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 42s
CI / test-python-backend (push) Successful in 43s
CI / test-python-document-crawler (push) Successful in 29s
CI / test-python-dsms-gateway (push) Successful in 23s
CI / validate-canonical-controls (push) Successful in 14s
Build + Deploy / trigger-orca (push) Successful in 2m26s
- EWR toggle now visible on initial banner view (top-right, always visible) - Info button (i) with tooltip explaining EWR-only mode - Blocked vendors count badge below toggle - Blocked vendor pills shown below header text - Removed duplicate EWR section from settings view Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
fbeefa8fce |
fix: Move EWR toggle to banner header with info button
- EWR toggle now visible on initial banner view (top-right, always visible) - Info button (i) with tooltip explaining EWR-only mode - Blocked vendors count badge below toggle - Blocked vendor pills shown below header text - Removed duplicate EWR section from settings view Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
9bc816e55c |
feat: "Nur EU/EWR" toggle in Cookie Banner — blocks non-EWR vendors
Build + Deploy / build-admin-compliance (push) Successful in 2m13s
Build + Deploy / build-backend-compliance (push) Successful in 3m19s
Build + Deploy / build-ai-sdk (push) Successful in 54s
Build + Deploy / build-developer-portal (push) Successful in 1m17s
Build + Deploy / build-tts (push) Successful in 1m46s
Build + Deploy / build-document-crawler (push) Successful in 41s
Build + Deploy / build-dsms-gateway (push) Successful in 23s
Build + Deploy / build-dsms-node (push) Successful in 12s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 19s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m59s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 43s
CI / test-python-backend (push) Successful in 1m4s
CI / test-python-document-crawler (push) Successful in 34s
CI / test-python-dsms-gateway (push) Successful in 26s
CI / validate-canonical-controls (push) Successful in 16s
Build + Deploy / trigger-orca (push) Successful in 3m18s
Game-changing CMP feature: Users accept a category (e.g. Marketing) but can restrict data processing to EU/EWR-only vendors. Non-EWR vendors are blocked even when the category is accepted. - Toggle "Nur EU/EWR-Anbieter" with globe icon in blue gradient bar - Blocked vendors shown as red pills with strikethrough icon - Per-vendor status icons: green checkmark (active), red slash (blocked), gray dash (category disabled) - Country column: green circle+check for EWR, amber warning for non-EWR - EWR = EU27 + IS/LI/NO + CH (Angemessenheitsbeschluss) - Vendor data extracted to cookie-banner-vendors.ts (under 500 LOC) - Consent state includes ewrOnly flag + blockedVendors list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
9424f4ebcc |
feat: "Nur EU/EWR" toggle in Cookie Banner — blocks non-EWR vendors
Game-changing CMP feature: Users accept a category (e.g. Marketing) but can restrict data processing to EU/EWR-only vendors. Non-EWR vendors are blocked even when the category is accepted. - Toggle "Nur EU/EWR-Anbieter" with globe icon in blue gradient bar - Blocked vendors shown as red pills with strikethrough icon - Per-vendor status icons: green checkmark (active), red slash (blocked), gray dash (category disabled) - Country column: green circle+check for EWR, amber warning for non-EWR - EWR = EU27 + IS/LI/NO + CH (Angemessenheitsbeschluss) - Vendor data extracted to cookie-banner-vendors.ts (under 500 LOC) - Consent state includes ewrOnly flag + blockedVendors list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |